Hi, I want to say something about how control transfers to entry.S:

exception -----> entry.S -----> Real Handler

The IDT directly jumps into it, and it is hard coded into the IDT. This means that if you change this address to your own address, it jumps to that routine; you have to just put in your hard coded address (more precisely, some function pointer). error_code is also a useful assembly fragment in entry.S, not used by system calls but by exceptions. And you have to read the instruction in which the IDT entry is filled with this intermediate handler routine in entry.S. For system calls:

set_system_gate(0x80,&system_call);

which comes exactly to system_call in entry.S, and this is the 0x80 entry in the IDT. Here the DPL field is set to 3. These interrupts can be invoked from userland (ring3). And by the way, this famous article you probably know already: http://packetstormsecurity.org/docs/hack/LKM_HACKING.html

If I'm not relevant to your answer then please ignore this.

Prasanna

--- "Dhiman, Gaurav" <Gaurav.Dhiman@xxxxxx> wrote:

> Parameters are not pushed on to the stack; those are kept in different
> registers, like ebx, ecx, edx, esi, edi.
>
> I want to know how control switches when int 0x80 occurs: from this
> interrupt instruction, how the eip and cs register values are changed
> to point to kernel code in entry.S.
>
> In DOS I read that when the "int" instruction is executed, control is
> passed to the (interrupt number * 4) memory location, as each entry in
> the interrupt table is 4 bytes. Is it the same case with the Linux
> architecture as well?
>
> If we take it like that, then our control should be passed to the
> (0x80 * 4) memory location, which is 512 (or in hex 0x200), but I found
> that the point in entry.S where control is transferred,
> "ENTRY(system_call)", does not fall at this memory location. According
> to the System.map file in the boot drive (/boot/System.map), this code
> in entry.S falls at the "c0109504" memory location
> (cat /boot/System.map | grep system_call).
>
> If anybody knows the reason for this, then please reply.
>
> Regards,
> Gaurav
>
> -----Original Message-----
> From: kernelnewbies-bounce@xxxxxxxxxxxx
> [mailto:kernelnewbies-bounce@xxxxxxxxxxxx] On Behalf Of Christophe Lucas
> Sent: Tuesday, July 27, 2004 1:23 PM
> To: kernelnewbies@xxxxxxxxxxxx
> Subject: Re: Switch from User space to Kernel space.
>
> Sanjay Kumar, Noida (sanjayku@xxxxxxxxxxxxxxxxx) wrote:
> > The inline assembly code is making a system call (int $0x80),
> > passing the system call number (__NR_##name) and the argument (arg1)
> > it requires.
> > The value returned from the system call is obtained in the __res
> > variable.
> > a and b denote the eax and ebx registers respectively.
> > Basically the inline assembly format is like
> >
> > asm ( assembler template
> >       : output operands
> >       : input operands);
>
> hi,
>
> As I know, to switch from user to kernel land, parameters are pushed on
> the stack and eax contains nr_syscall (number of the system call).
> Afterwards, a 0x80 int is generated: (int $0x80).
> Now you are in linux/arch/i386/kernel/entry.S, the syscall is chosen
> by the eax register, and the kernel sys_ function is called.
>
> If I say some awful mistake, please correct me. I am here to learn :-)
> --
> Amicalement/Regards
>
> Christophe Lucas - c.lucas@xxxxxxxxxxx - Registered User #271267
>
> * GNU/Linux developer/network administrator
> * Member of RotomaLUG (the Rouen-area LUG) (http://www.rotomalug.org)
> * http://odie.mcom.fr/~clucas/
>
> --
> Kernelnewbies: Help each other learn about the Linux kernel.
> Archive: http://mail.nl.linux.org/kernelnewbies/
> FAQ: http://kernelnewbies.org/faq/
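The thread above turns on two points: a protected-mode IDT entry is an 8-byte gate descriptor located relative to the base held in idtr (not a 4-byte pointer at address 0, which is why 0x80 * 4 = 0x200 does not match), and set_system_gate() installs a present trap gate with DPL 3 so that "int $0x80" is permitted from ring 3. The following C program is an added example, not code from this thread or from the kernel, that encodes such a gate, decodes it back into the eip/cs pair the CPU would load, and checks that the decoded handler still equals the symbol address from System.map (the kind of check an IDT-integrity tool performs). The handler address 0xc0109504 is the system_call value quoted in the thread; the kernel code-segment selector 0x10 and all function names are assumptions made for the example.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* One 8-byte i386 IDT gate descriptor (protected mode), in memory order.
 * The fields naturally occupy exactly 8 bytes; packed keeps it so on any ABI. */
struct __attribute__((packed)) idt_gate {
    uint16_t offset_low;   /* handler address bits 0..15  (low half of eip) */
    uint16_t selector;     /* code-segment selector the CPU loads into cs   */
    uint8_t  zero;         /* reserved, must be zero                        */
    uint8_t  type_attr;    /* P | DPL (2 bits) | S=0 | gate type (4 bits)   */
    uint16_t offset_high;  /* handler address bits 16..31 (high half of eip) */
};

#define GATE_PRESENT 0x80u
#define GATE_TRAP32  0x0Fu   /* 32-bit trap gate, the type set_system_gate() installs */

/* Constructed values for the demo. The handler is the system_call address
 * quoted from System.map in the thread; the selector is an ASSUMED kernel
 * code-segment selector, not read from any real kernel. */
#define DEMO_SYSTEM_CALL 0xc0109504u
#define DEMO_KERNEL_CS   0x10u

/* Build a gate the way set_system_gate(n, addr) does: present, trap gate,
 * DPL 3, so a userland "int $0x80" is allowed through the gate. */
struct idt_gate make_system_gate(uint32_t handler, uint16_t kernel_cs)
{
    struct idt_gate g;
    g.offset_low  = (uint16_t)(handler & 0xFFFFu);
    g.selector    = kernel_cs;
    g.zero        = 0;
    g.type_attr   = (uint8_t)(GATE_PRESENT | (3u << 5) | GATE_TRAP32);
    g.offset_high = (uint16_t)(handler >> 16);
    return g;
}

/* Reassemble the 32-bit handler address the CPU loads into eip. */
uint32_t gate_handler(const struct idt_gate *g)
{
    return ((uint32_t)g->offset_high << 16) | g->offset_low;
}

unsigned gate_dpl(const struct idt_gate *g)     { return (g->type_attr >> 5) & 3u; }
int      gate_present(const struct idt_gate *g) { return (g->type_attr & GATE_PRESENT) != 0; }

/* Byte offset of vector n from the IDT base in idtr: 8 bytes per entry.
 * (The real-mode IVT at address 0 uses 4-byte entries, hence the 0x200 guess.) */
uint32_t idt_entry_offset(unsigned vector)
{
    return (uint32_t)vector * (uint32_t)sizeof(struct idt_gate);
}

/* Integrity check: does the gate for `vector` still point at the handler the
 * kernel's symbol table says it should (e.g. system_call from System.map)? */
int gate_matches_symbol(const struct idt_gate *idt, unsigned vector, uint32_t expected)
{
    const struct idt_gate *g = &idt[vector];
    return gate_present(g) && gate_handler(g) == expected;
}

int main(void)
{
    struct idt_gate idt[256];   /* constructed stand-in for the kernel's idt_table */
    memset(idt, 0, sizeof idt);

    idt[0x80] = make_system_gate(DEMO_SYSTEM_CALL, DEMO_KERNEL_CS);

    printf("vector 0x80 sits at idtr.base + 0x%x (not 0x%x)\n",
           (unsigned)idt_entry_offset(0x80), 0x80 * 4);
    printf("gate 0x80: handler=0x%08x selector=0x%02x dpl=%u type_attr=0x%02x\n",
           (unsigned)gate_handler(&idt[0x80]), idt[0x80].selector,
           gate_dpl(&idt[0x80]), idt[0x80].type_attr);
    printf("matches System.map system_call: %s\n",
           gate_matches_symbol(idt, 0x80, DEMO_SYSTEM_CALL) ? "yes" : "NO");

    /* Flip one bit of the stored offset, as a redirected gate would differ,
     * and show that the symbol comparison catches it. */
    idt[0x80].offset_low ^= 0x0001;
    printf("after modification, matches: %s\n",
           gate_matches_symbol(idt, 0x80, DEMO_SYSTEM_CALL) ? "yes" : "NO");
    return 0;
}
```

The decoded type_attr of 0xEF is present (0x80), DPL 3 (0x60) and trap gate (0x0F) combined; an interrupt gate would be 0xEE and a gate with DPL 0 would fault with #GP on a ring-3 "int", which is why the DPL field the thread mentions matters for what userland can invoke.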